[Noisebridge-discuss] Attn: Lockpicking and Attn: Interested on Public Key Encryption

Sun Sep 9 18:56:00 UTC 2012

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am interested in communicating difficult concepts in very easy ways.
Something about that gives me a kick. I want to get some physical
lock-key apparati and I thought the lock picking group may help point
me in the right direction.

I have been explaining public-key encryption to new users for several
weeks now. I found the main source of confusion was that they were
using the concept of symmetric keys and having two keys just didn't
fit that model.

I found it most helpful use the word 'key' *only* when discussing
symmetric keys and *never* use it when discussing public key
cryptography. I would substitute the words "safe" and "combination"
(concept per GNU Privacy Handbook
(http://www.gnupg.org/gph/en/manual.html) instead of key for public
key encryption.

So, we would say "your public safe" each time we were referring to the
concept of a public key.  And, we would say "your private combination"
when we were talking about the private key concept.  Because this
repetitively used the words "public and safe" and "private and
combination," it seemed to help a *lot*. In fact, when we started
talking about "John's public safe" and "my public safe" and "my
private combination" it made sense.

I also used the short story of: "Imagine I'm not home and you're
trying to get me a message that you know ONLY my eyes will see. You
call me on the phone and discuss but don't want to give me the message
over the phone. I explain that, outside my house, on my porch, I have
a safe that's bolted down into the concrete -- it can't easily be
stolen. I leave the safe unlocked. Only I have the combination to it.
So, why don't you put your message inside the safe (since I'm not
home), spin the tumbler to lock it, and know only I can unlock it when
I get home."

This concept worked very well (it seemed to work in all cases thus
far). It's something physical that people can relate to. Yes, the safe
can be drilled into and the message stolen. and, yes, the concrete
could be destroyed and the safe stolen. But, those things are pretty
hard to do and can take a while -- I may be home before they get by
with it. Those same concepts are true for Public Key encryption.

I want to take this physical concept and make a classroom apparatus
for it. I want a bunch of small padlocks (the small cheap kind is
fine). But, I need to get like 5 copies of the exact padlock (i.e., I
want one single key to open many different padlocks). The idea is that
each padlock represents a public key and they're passed around the
room willy nilly so anyone can have one (I'll probably paint or in
some way color code them so each set is easily identifiable). And,
then, if I could get a small box or carton or diary or something that
would lock, we can have people write messages, put them in the box,
and then lock it with a lock (e.g., I'll use a red lock because Glen
has the keys for red locks and I can get a message to him). These can
be passed around the room to be delivered to the person in question. I
have no idea what the box thingy will look like -- I'm open to
suggestions.

I'm more troubled where can I buy a set of identical padlocks where
only one key will open them? (e.g., 1 key and 5 padlocks). And, then
can I buy several sets?

I thought the lock-picking group may be able to point me to a vendor
or the right location. I hope not to spend more than $30 or so on
this, so we're talking reasonably cheap small locks if possible. I
will only use this a few times when teaching a class...  (although, I
think with this apparatus we could easily teach third graders how
public key cryptography works)..

Any help would be appreciated.

Warmest Regards,

Glen Jarvis
- --
"Pursue, keep up with, circle round and round your life as a dog does
his master's chase. Do what you love. Know your own bone; gnaw at it,
bury it, unearth it, and gnaw it still."

- --Henry David Thoreau
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (Darwin)

iQEcBAEBAgAGBQJQTOYSAAoJEKUwgjDmsw1zb3YH/0gwZNJkD2clekXb58GDrWLv
R4ad6DlJE7ly2zS/jpGI/I0MPUXDJ40ZHcDywQl2cykbGkCoAna84Fv1K4cbH25b
QkUYP3b16TuflA+01kN3gRxvbSqp2qCHJVBRBb76b7m5+7XW5JMkFOkIZ8Yk9ArK
0q++PzHBuR7SkBBA/3w0fqabndJfvgPiAwTyIMyp4w6R7p78S4AoJ+Zk2UOSaCT0
U4VeapiDO7aBQnOoMWQPHXgK3pjaYcNVtmfN7AOZPa39nv5di2yuPFU4CRsDrfRo
R3GyZSNnU6A/GizA4dwO11Te1EfnsDU1ZP/F64a/CKMC6NvKOBin5GLXupjzMwc=
=hIlK
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20120909/518e71b8/attachment-0002.html>